Update 2! CodePen is Going All-HTTPS

As we mentioned a few weeks ago, CodePen will be going entirely HTTPS on June 1, 2017. That article goes into why and how it might affect for you.

This post is another reminder that it's happening! But, we also want to share some steps we're taking to help the process along.

Non-Secure Resources Now Visually Marked

You'll see this in settings if you're using a non-secure URL:

The red exclamation point indicates a resource linked over HTTP.

We're Updating Many Non-Secure URLs Automatically For You

We've been rolling through our massive database, updating URLs that we know are safe to update. For example, a CDN-linked version of a JavaScript library that can be updated to an HTTPS URL without any issues. We're doing this in lots of different areas, including URLs in External Resources and in the "Stuff for Head" section of settings.

New Pens Now Default to HTTPS

Any new Pen you create will start at an HTTPS URL. That way, as we march toward flipping the switch everywhere, anything you've made recently will very likely be unaffected since it was created over HTTPS to begin with.